Free Malware Removal Forum


Hi, I have been having some malware problems and I think it has gotten to the point where it disconnects me from the internet here and there now. Please help me take a look and confirm if there are any problems. Thank you and much appreciated.

Hi! Welcome to the MWR forums.
My name is Scotty. I would be glad to take a look at your log and help you with solving any malware problems. HijackThis logs can take a while to research.
Please be patient and I'd be grateful if you would note the following:

I will be working on your malware issues; this may or may not solve other issues you have with your machine.

The fixes are specific to your problem and should only be used for this issue on this machine.

Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.

It's often worth reading through these instructions and printing them for ease of reference.

If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.

Please reply to this thread. Do not start a new topic.

Please be patient as my posts to you have to be checked before I reply, so they may take longer.

You will receive a prompt asking if you want to remove the files, click YES

Once you click yes, your desktop will go blank as it starts removing Vundo.

When completed, it will prompt that it will reboot your computer, click OK.

Please post the contents of C:\vundofix.txt and a new HiJackThis log.

Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

If you mean is there a chance of you infecting other computers on a network, then yes, there is, especially through shared resources. I would suggest disconnecting the infected pc, and perhaps have all connected machines checked out. Once you have all cleaned then connect the network up again.

WinPcap - Did you intentionally install this program? Let me know in your next reply.

Viewpoint - I see that Viewpoint is installed. Viewpoint, Viewpoint Manager, Viewpoint Media Player are Viewpoint components which are installed as a side effect of installing other software, most notably AOL and AOL Instant Messenger (AIM). Viewpoint Manager is responsible for managing and updating Viewpoint Media Player's components. You can disable this using the Viewpoint Manager Control Panel found in the Windows Control Panel menu. By selecting "Disable auto-updating for the Viewpoint Manager", the player will no longer attempt to check for updates. Anything that is installed without your consent is suspect. Read what Viewpoint says and make your own decision.

To provide a satisfying consumer experience and to operate effectively, the Viewpoint Media Player periodically sends information to servers at Viewpoint. Each installation of the Viewpoint Media Player is identifiable to Viewpoint via a Customer Unique Identifier (CUID), an alphanumeric identifier embedded in the Viewpoint Media Player. The Viewpoint Media Player randomly generates the CUID during installation and uses it to indicate a unique installation of the product. A CUID is never connected to a user's name, email address, or other personal contact information. CUIDs are used for the sole purpose of filtering redundant information. Each of these information exchanges occurs anonymously.

Viewpoint Manager is considered foistware instead of malware since it is installed without the user's approval but doesn't spy or do anything "bad". This may change; read "Viewpoint to Plunge Into Adware". I recommend that you remove the Viewpoint products; however, decide for yourself. To uninstall the Viewpoint components (Viewpoint, Viewpoint Manager, Viewpoint Media Player):

And as for the VirusTotal, I couldn't locate the tmrsrv32.exe. It wasn't there in the system32 folder.

The WinPcap, I do not remember if I installed it intentionally. I don't think I did though. Is it bad and should I remove it? I will remove the Viewpoint since it doesn't sound like a good thing to have, but would I lose my AIM and any other software that it may affect?

Double-click the export.bat file. The backup file will be placed in your C:\ directory as export-run.reg.

If there is a fatal error you can simply double click on the export-run.reg you just created to restore the registry to the state it was in before you began. Warning: Do not click it except if I tell you to do so. Double clicking it will reintroduce the malware to your computer and can have other unexpected effects.

I would advise updating Adobe Reader, as the latest version clears up any vulnerabilities of previous versions. First uninstall the version you have on your computer then download and install Adobe Reader 8.1.

Delete the older versions of Java and download the newest. Please follow these steps to remove older version Java components.

Close any programmes you may have running, ESPECIALLY your web browser

Click Start > Control Panel.

Click Add/Remove Programs.

Check any item with Java Runtime Environment (JRE or J2SE) in the name.

Click the Remove or Change/Remove button.

Repeat as many times as necessary to remove all versions of Java.

Reboot your computer once all Java components are removed.

Then download the latest version of Java Runtime Environment (JRE) (4th one down the list), which is JRE6u2, and click Yes at the page warning, then accept the Licence Agreement before downloading the Offline file.

This is my usual speech for when you are clean, which you appear to be.

Please follow these simple steps in order to keep your computer clean and secure:

Disable and Enable System Restore - If you are using Windows ME or XP then you should disable and re-enable System Restore to make sure there are no infected files found in a restore point.

You can find instructions on how to enable and reenable system restore here:

Update your AntiVirus Software - It is imperative that you update your antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

Use a Firewall - I can not stress how important it is that you use a firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a firewall in its default configuration can lower your risk greatly.

For a tutorial on Firewalls and a listing of some available ones see the link below:

Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with this program on a regular basis just as you would an antivirus software.
